I said "is exploited", rather than "can be exploited", because both these 0 day vulnerabilities are being actively exploited in the wild.
I also deleted "malicious" near "web sites", because exploits for the latter vulnerability are being massively infiltrated inside legit web sites using automated SQL injection attacks.
Give yourself a Christmas gift: if there's a best moment for switching to a safe or to a safer browser, that's now.

This entry was posted on Thursday, December 11th, 2008 at 1:32 pm and is filed under IE, SQL, Mozilla, Security. You can follow any responses to this entry through the RSS 2.0 feed.
Both comments and pings are currently closed.

Preaching to the choir! But thanks. As I read this via my RSS, I was just in the process of rooting out the remains of IE on our computer...AGAIN, which someone in my family RE-installed...after all my work to get rid of it! Now, it's been running in silently, behind Firefox, screwing up everything. Ugh. Even WITHOUT all the bugs, etc., it's a pain in and of itself.

[...] or disclosures to maximize their impact. Zero day critical vulnerabilities in three different Microsoft products have been disclosed immediately after last “black Tuesday”: is this really a [...]